twitter-to-binance-square
Pass
Audited by Gen Agent Trust Hub on May 30, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points:
scripts/auto_mirror.pyretrieves tweet text from the vendor-managed Twitter API proxy (ai.6551.io). - Boundary markers: Absent. Tweet content is directly interpolated into a pre-defined text template before being sent to Binance Square.
- Capability inventory:
scripts/auto_mirror.pyandscripts/mcp_server.pypossess the capability to perform network POST/PUT requests to Binance Square and write state information to a local JSON file. - Sanitization: The script performs basic sanitization on tweet text, including removing
t.coURLs, stripping retweet prefixes, and collapsing multiple newlines via regular expressions. - [COMMAND_EXECUTION]: Local Command Execution for Media Processing
- The skill utilizes
subprocess.runto callffmpegandffprobefor video duration detection and cover frame extraction. Arguments are passed as a list, which effectively prevents shell injection attacks. These operations are confined to processing media files intended for upload. - [EXTERNAL_DOWNLOADS]: Remote Asset Retrieval
- The skill fetches tweet metadata from the author's infrastructure (
ai.6551.io) and downloads media assets from Twitter's content delivery network (pbs.twimg.com) or user-supplied URLs. These downloads are required for the skill's primary function of mirroring social media content. - [SAFE]: Verified Service Interaction
- External communications are limited to well-known services (Binance, Twitter) and the vendor's own API domain. Credentials (API keys and tokens) are managed through environment variables rather than hardcoding, following standard security best practices.
Audit Metadata